[Cryptech Tech] arm

Jakob Schlyter jakob at kirei.se
Mon Jan 19 21:45:50 UTC 2015


On 19 jan 2015, at 22:42, Bernd Paysan <bernd at net2o.de> wrote:

> A generic USB host with tons of drivers enabled for all the weird protocols 
> out there is for sure an attack vector. USB host is only relevant if you want 
> to use an USB stick to store data on.  My recommendation: use an SD card 
> instead.  That's a simple, single-purpose interface (especially the slow SPI 
> part is really simple, and would be fast enough to store keys).

We have discussed using various types of USB connected authenticators such as fido tokens and smart card readers. The later is rather easy to hard a dedicated serial port for, but the former would require a real USB port. Going for a very limited set of drivers seems a more pragmatic way forward IMHO.


	jakob



More information about the Tech mailing list